<?php
//make sure username isn't taken
include_once("Accounts.config.php");
global $DB;
$DB->query('select PasswordTemp,username,concat(firstname," ",lastname) as fullname from lwbc_main.users where upper(email) = upper(\'' . $_POST['txtEmail'] . '\')');
if(isset($_POST['txtEmail']) && !$row = $DB->fetch_row()) {
	header("Location: index.php?action=resetPassword&error=noemail");
	exit();
}

//email the user
include_once("Security/SingleSignOn.php");
$SSO = new SingleSignOn;
$new_temp_password = $SSO->resetPassword($_POST['txtEmail']);
$SSO->sendTemporaryPasswordEmail($row['username'],$new_temp_password,$_POST['txtEmail'],$row['fullname']);

header("Location: index.php?action=resetPassword&emailSuccess=yes");
?>